
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
node-hnsearch is a thin wrapper around the HNSearch REST API. Since node-hnsearch is such a thin wrapper, consulting the documentation provided by HNSearch is highly advised.
$ npm install hnsearch
var hnsearch = require('hnsearch');
Use for querying submissions, comments, and users, respectively, against HNSearch's search API. query
is the object containing the key-value pairs that the query string will be composed of. cb
is the callback function that will be called when the response from HNSearch is received. It should support a (err, response)
signature.
Details about the query fields and the response
object can be found on the HNSearch API website.
var hnsearch = require('hnsearch');
hnsearch.submissions({ q: 'javascript semicolons' }, function(err, response) {
if (err) { process.exit(1); }
console.log('Comments about semicolons and javascript!');
response.results.forEach(function(result) {
console.log(result.item.text);
});
});
No tests yet! As soon as there are some though, you'll be able to run them as follows:
$ cd node-hnsearch
$ npm test
Found a bug? Create an issue on GitHub.
https://github.com/jharding/node-hnsearch/issues
For transparency and insight into the release cycle, releases will be numbered with the follow format:
<major>.<minor>.<patch>
And constructed with the following guidelines:
For more information on semantic versioning, please visit http://semver.org/.
Copyright (c) 2013 Jake Harding
Licensed under the MIT License.
FAQs
Wrapper around HNSearch REST API
The npm package hnsearch receives a total of 0 weekly downloads. As such, hnsearch popularity was classified as not popular.
We found that hnsearch demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.